I am receiving SSL certificate errors from Chrome (latest version (23.0.1271.52 beta-m) and Internet Explorer 6 (not used) on my home desktop machine (Windows XP SP2). In Firefox, the site works fine on this PC. My laptop and work desktop (both Windows 7) also seem to work just fine. Most SSL website checking sites report that the certificate and chain up to the root CA are setup correctly, but I have come across about 2 that that say I have an invalid certificate but don't give much information on which piece is failing.
I know it used to work properly on this desktop (in Chrome and IE) in the past, but I'm not sure what has changed that is causing the site to fail in these browsers. Can anyone provide any assistance? This is driving me nuts!
Screenshot of error:
Best Answer
The issue was surrounding the certificate's hashing algorithm (SHA2-256) which isn't supported by these versions of Windows.
KB968730 - Windows Server 2003 and Windows XP clients cannot obtain certificates from a Windows Server 2008-based certification authority (CA) if the CA is configured to use SHA2 256 or higher encryption.
Many thanks to the author of this great article where I found the answer.